❌

Normal view

Anton’s Security Blog Quarterly Q1 2026

19 March 2026 at 19:45

My Anton’s Security Blog (And Podcast!) Quarterly this covers both Anton on Security and my posts from Google Cloud blog, Google Cloud community blog, and our Cloud Security Podcast (subscribe on Spotify, now withΒ VIDEO).

Gemini image forΒ this

Top 10 posts with the most lifetime views (excluding paper announcement blogs):

  1. Anton’s Alert Fatigue: The Study [A.C.β€Šβ€”β€Šwow, this is still #1 now! Awesome! Perhaps I need more of such deepΒ studies]
  2. Security Correlation Then and Now: A Sad Truth AboutΒ SIEM
  3. Can We Have β€œDetection asΒ Code”?
  4. Detection Engineering is Painfulβ€Šβ€”β€Šand It Shouldn’t Be (PartΒ 1)
  5. Revisiting the Visibility Triad for 2020 (update for 2025 isΒ here!)
  6. Beware: Clown-grade SOCs StillΒ Abound
  7. Why is Threat Detection Hard?
  8. Top 10 SIEM Log Sources in RealΒ Life?
  9. A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What HappenedΒ Next
  10. SOC Visibility Triad is Now A Quadβ€Šβ€”β€ŠSOC Visibility QuadΒ 2025

Top 5 posts with paper announcements:

  1. New Paper: β€œFuture of the SOC: SOC Peopleβ€Šβ€”β€ŠSkills, Not Tiers” (paper 2 of theΒ series)
  2. New Paper: β€œFuture of the SOC: Evolution or Optimizationβ€Šβ€”β€ŠChoose Your Path” (Paper 4 of 4.5) (one more paper coming later in 2026 … we are in reviewsΒ now!)
  3. New Paper: β€œFuture of the SOC: Forces shaping modern security operations”
  4. New Paper: β€œFuture Of The SOC: Process Consistency and Creativity: a Delicate Balance” (Paper 3 ofΒ 4)
  5. New Paper: β€œAutonomic Security Operationsβ€Šβ€”β€Š10X Transformation of the Security Operations Center” (the classic 2021 ASOΒ paper!)

3 random fun posts, must-read:

Top 7 Cloud Security Podcast by Google episodes (excluding the oldestΒ 3!):

  1. EP75 How We Scale Detection and Response at Google: Automation, Metrics, Toil (our best episode! officially!)
  2. EP150 Taming the AI Beast: Threat Modeling for Modern AI Systems with GaryΒ McGraw
  3. EP47 β€œMegatrends, Macro-changes, Microservices, Oh My! Changes in 2022 and Beyond in Cloud Security”
  4. EP153 Kevin Mandia on Cloud Breaches: New Threat Actors, Old Mistakes, and Lessons forΒ All
  5. EP109 How Google Does Vulnerability Management: The Not So SecretΒ Secrets!
  6. EP17 Modern Threat Detection atΒ Google
  7. EP156 Living Off the Land and Attacking Critical Infrastructure: Mandiant Incident DeepΒ Dive

(also see our NEW 2025 reflections blog about theΒ show)

Now, fun posts byΒ topic.

Security operations / detection & response:

(if you only read one, choose thisΒ one!)

Cloud security:

(if you only read one, choose thisΒ one!)

How Google Does SecurityΒ (HGD):

(if you only read one, choose this one! BTW, we also have a lot of fun HGD podcasts)

AI security:

(if you only read one, choose thisΒ one!)

Fun presentations shared (nothing much new hereΒ ):

Enjoy!

Previous posts in thisΒ series:


Anton’s Security Blog Quarterly Q1 2026 was originally published in Anton on Security on Medium, where people are continuing the conversation by highlighting and responding to this story.

Anton’s Vibe Coding Experience: A Reflection on Risk Decisions

17 March 2026 at 21:38

Look, I’m not a developer, and the last time I truly β€œwrote code” was probably a good number of years ago (and it was probably Perl so you may hate me). I am also not an appsec expert (as I often remindΒ people).

Below I am describing my experience β€œvibe coding” an application. Before I go into the details of my lessonsβ€Šβ€”β€Šand before this turns into a complete psychotherapy sessionβ€Šβ€”β€ŠI want to briefly describe what the application is supposed toΒ do.

Anton’s vibe app screenshot

We have a podcast (Cloud Security Podcast by Google), and I often feel that old episodes containing useful information aren’t being listened to and the insights from them go to waste. At the same time, for many organizations today, the answer to their current security problems may well have been discussed and solved in 2021. This may be strange to some, but for many organizations, the future is in the past. Somebody else’sΒ past!

So I wanted β€œa machine” that turns old episodes into role-specific insights, without too much work by a human (me). This blog is a reflection on how thingsΒ went.

First, my app is using public dataβ€Šβ€”β€Šnamely podcast transcripts and audioβ€Šβ€”β€Što create other public data (social media posts). Since the inputs and outputs are public, this certainly made me at peace with vibe coding. Naturally, I needed to understand how the app would be coded, where it would live and what I should do to make it manifest in the real world. So I asked Gemini, and it suggested I use AI Studio by Google, and I did (non-critically) exactlyΒ that.

When I started creating the app, the question of storage immediately came up. Jumping a little bit ahead, you will see that authentication / credentials and storage were two security themes I reflected on theΒ most.

You want to read a file from storage, but what storage? More importantly, whose storage? At this point, I had my first brush with anxiety of the β€œvibe process.” I didn’t want to just vibe code without a full understanding of the data access machinery. I immediately said, β€œNo, I don’t want to store data in my Google Drive using my credentials.” I just didn’t trustΒ it.

In fact, I didn’t trust the app with any credentials for anythingβ€Šβ€”β€Šwork or personalβ€Šβ€”β€Šat all! Given that I have public data, I decided to store it in a public web folder. AI Studio suggested ways to store data that people might not fully understand, and this is my other reflection: If I’m not a developer, and I don’t know the machinery behind the app, how do I decide? These decisions are risk decisions and β€œa citizen vibe coder” is very much not equipped to make them. Well, I sureΒ wasn’t.

So what are the security implications of the decisions a developer makesβ€Šβ€”β€Šsometimes guided by AI and sometimes on their own? Can I truly follow an AI recommendation that I don’t understand? Should I follow it? If you don’t understand what happens, I can assure you, you certainly do not understand theΒ risks!

As a result, I did not trust the app with any credentials or authenticated access. Of course, a solution may have been to use throwaway storage with throwaway credentials, but I think I do not need this in my life... Anyhow, many actions that you take during vibe coding, whether suggested by AI or not, have security implications.

In addition, the app interacts with the environment. If the app is being built in a corporate environment, it interacts with corporate security β€œrules and tools”, and some things you may want to do wouldn’t work. I’m not going into details, but I had a couple of examples of that. If you vibe code at work and you are doing it through, let’s say, shadow AI, there will be things your AI (and you) would want to do, but your employer security would not allow. And often with good reasons too! So you ask AI for more ways and hope it won’t say β€œjust disable the firewall.”

The next conundrum, apart from storage, was output quality. What about quality and those hallucinatory mistakes? Now, I know my app uses an LLM to condense a summary of the podcast transcript into brief insights for social media. And before my app runs, another LLM turns MP3 into text. And it also uses an LLM to make the visual summaries. So, the question is: who handles the mistakes, andΒ how?

For example, I tried to use a certain β€œwell known” model to create a visual summary. Of course, the visual summary was incredibly accurate in most cases, but sometimes β€œmistakes were made” and words were corrupted (β€œverifigement” happened to me in one case). If an LLM powered tool can do something, it does not mean it will do it equally well every time (unless you build validators AND the things that you need to do can in fact be validated). So validate!

Further, I read somewhere that the process for dealing with AI mistakes is different from the process for dealing with human mistakes. I am sure I could write another module for the app to check if an image has correct text or add another validation technique, but it is interesting that I faced this veryΒ quickly.

Thus I have to deal with β€œAI-style mistakes”, and I cannot solve them by having a human review everything. I can tell you right away, even from my small project, that having a human review is a non-starter. It’s theoretically correct, but practically won’t happen. It absolutely will not happen if you take the koolaid and transform your business process to be β€œAI native.” Having humans review boring tasks like checking image text is completely insane. That’s not going to fly. HITL is DOA (for theseΒ tasks).

So: storage, credentials, trust, and quality all came up. Another decision arose when I needed to store intermediate results of my insight generation. Again, trust issues surfaced because data storage. AI Studio suggested choices, I asked AI about pros/cons, and made the decision. Again all these decisions are risk decisions.

Finally, certain mistakes come up all the time, repeatedly, and I have to tell AI Studio to write things multiple times because it doesn’t always β€œget” it (example: my podcast episode URLs). This is another lesson: sometimes it takes multiple prompts, and constant reminders (say to validate theΒ links)

All in all, I’ll continue to experimentβ€Šβ€”β€Šgot more ideas that I want. Here are some outputs of myΒ app…

Anton vibe appΒ UX

Now the explicit lessons for those who need this crisp and actionable:

1. You Make Implied Security Decisions with EveryΒ Prompt

When you β€œvibe code,” you aren’t just describing features; you are making risk and security decisions. If you ask an AI to β€œsave this data,” and you don’t specify how or where, the AI may choose the path of least resistanceβ€Šβ€”β€Šusually a public bucket or a local file with cleartext credentials. In the world of AI-generated code, silence is a security decision.

2. Credentials and Storage: The Boring Stuff is Still the HardΒ Stuff

Storage and credentials were the key themes for me. This is the great irony of modern development: AI can write a complex LLM orchestration layer in seconds, but it may struggle to help a novice set up a secure, encrypted secrets manager. The β€œplumbing” of security remains the primary frictionΒ point.

3. AI Mistakes Require a New ResponseΒ Model

Traditional QA seems designed for deterministic human error. AI β€œstyle mistakes” (like corrupted words in a visual summary) are stochastic and weird. And common! Human review is a β€œnon-starter” for these tasks. Security and quality validation for AI-generated content must itself be automated (AI-on-AI validation) because humans simply won’t do the β€œdeathly boring” work of checking verbatim accuracy at scale. Turtles all the way down can happen toΒ you.

4. Corporate Guardrails vs. AIΒ Ambition

The AI you vibe code with may not know your corporate policy. It will suggest β€œawesome” features that would immediately trigger a compliance violation. A few times while vibe coding, I heard a subtle lawyercat meowing in the air duct… When vibe coding in a corporate environment, you quickly hit the wall where β€œwhat the AI wants to do” meets β€œwhat security allows.” This reinforces the need for platform-level guardrails rather than just merely developer education.

5. Public Data is the Only β€œSafe” Vibe

My β€œpeace of mind” came from the fact that your inputs and outputs were already public. To me, this is the only way to vibe code safely without a full understanding of the underlying security stack. The moment you move from β€œpublic podcast audio” to β€œproprietary customer data,” the risk model shifts from β€œfun experiment” to β€œdataΒ breach.”

Anyhow, this was my mildly-AI-assisted stream of vibe consciousness.

Enjoy the show! Now withΒ video!


Anton’s Vibe Coding Experience: A Reflection on Risk Decisions was originally published in Anton on Security on Medium, where people are continuing the conversation by highlighting and responding to this story.

β€˜Exploit every vulnerability’: rogue AI agents published passwords and overrode anti-virus software

Exclusive: Lab tests discover β€˜new form of insider risk’ with artificial intelligence agents engaging in autonomous, even β€˜aggressive’ behaviours

Robert Booth UK technology editor

Rogue artificial intelligence agents have worked together to smuggle sensitive information out of supposedly secure systems, in the latest sign cyber-defences may be overwhelmed by unforeseen scheming by AIs.

With companies increasingly asking AI agents to carry out complex tasks in internal systems, the behaviour has sparked concerns that supposedly helpful technology could pose a serious inside threat.

Continue reading...

Β© Photograph: Andrey Kryuchkov/Alamy

Β© Photograph: Andrey Kryuchkov/Alamy

Β© Photograph: Andrey Kryuchkov/Alamy

❌